My initial thought was that a user dis it, I have looked through the backup logs and the folders were replaced somewhere at the back of December 2007 - its taken this long for them to realise, at that time they lost a couple of employees too!
Ill speak to the boss and ask how she feels about starting to audit the top level folder. I dont want there to be masses of logs though - thats the best place to start with this kind of thing? Gavin. On Thu, Jul 31, 2008 at 3:33 PM, James Winzenz <[EMAIL PROTECTED]>wrote: > I agree - auditing is your friend here. > > James Winzenz > Infrastructure Systems Engineer II - Security > Pulte Homes Information Services > > > -----Original Message----- > From: René de Haas [mailto:[EMAIL PROTECTED] > Posted At: Thursday, July 31, 2008 5:35 AM > Posted To: NTSysadmin > Conversation: Folders moveing themselves > Subject: RE: Folders moveing themselves > > What I have seen is users unintentionally drag folders to a different spot. > Though them reappearing in the correct folder would argue against accidents > like that. > > I'd turn on auditing and wait for a reoccurance. > > -----Original Message----- > From: Gavin Wilby [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 31, 2008 1:00 PM > To: NT System Admin Issues > Subject: Folders moveing themselves > > Bear with me here guys. before I start I think that there is an errant > user at fault. However. > > Windows 2003 SBS, with SEP and Bex11d. > > There is a share called \\server\data\company\a, and in that folder > all companies that start with A live in there. This directory structre > goes from A-Z. > > When a company gioes belly up, or simply falls out of scope of the > site that company then goes and lives in folder called > \\server\data\company\dead. > > Its just been noticed that some folders from the "dead" folder have > reappeared randomly back in the original folders that they were in. > > I have gone back as far as shadow copy will allow and this shows they > were there for the last month. No restores have been done and the boss > is convinced due to the randomness of the way they have reappered that > it wasnt a user. all users have full access to the files, and no, > there is no auditing switched on. > > Has anyone come across this and got to the bottom of it? > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > > *** > The information in this e-mail is confidential and intended solely for the > individual or entity to whom it is addressed. If you have received this > e-mail in error please notify the sender by return e-mail delete this e-mail > and refrain from any disclosure or action based on the information. > *** > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > > CONFIDENTIALITY NOTICE: This email may contain confidential and privileged > material for the sole use of the intended recipient(s). Any review, use, > distribution or disclosure by others is strictly prohibited. If you have > received this communication in error, please notify the sender immediately > by email and delete the message and any file attachments from your computer. > Thank you. > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
